Technology Advisor Blog

Latest Internet Explorer Security Threat - What you can do.

Posted by Ann Westerheim on 5/1/14 7:52 AM

The latest security vulnerability is all over the news.  Microsoft is working on a fix to address a flaw that could potentially allow hackers to gain remote access to systems. This flaw affects all versions of Intenet Explorer (about 55% of the browser market) and a patch is expected soon.  If you're still running Windows XP, support has ended and there will not be a security patch.

In the meanwhile, here's what you can do.  The first option is to use an alternate browser for a while, such as Firefox or Chrome. If you're doing general surfing, this is the best course of action for now.

Manage Add-OnsIf you need to run Internet Explorer (many applications rely on it), it is recommended that you disable Adobe Flash.  The security flaw requires Adobe Flash, so if its disabled, you'll be ok with this threat.  

Here is how to disable Adobe Flash.  In the upper right hand corner of Internet Explorer, select the "gear" icon, and then select "Manage add-ons" from the pull-down menu.  Selecting this will enable you to pick from a list of all the add-ons to your browser and then disable Adobe Flash.

DisableAdobeFlashSelect Adobe Flash from the list of "Toolbars and Extentions", and then press the "Disable" button.

Note that when Flash is disabled, some web features won't work, so this is a temporary work around.  

One of the questions we frequently hear is "why are Microsoft products so insecure"?  The technology underlying all the daily things you do on the web is very complex, and there will constantly be vulnerabilities.  None of us are willing to give up the web, but we will need to live with some risk.  Hackers will go where the market share is, and Microsoft dominates the market.  Microsoft also diligently issues patches (which are free) to update products as new vulnerabilities are discovered.

Keep in mind that if you're still running Windows XP, there are no more security patches for this "retired" operating system.  The next few months will be interesting as hackers may try to exploit this since about 25% of computers world wide are still running XP.  Stay tuned...

Tags: Internet Explorer, Security, Adobe Flash

Cryptolocker may be lurking in that email - Don't open it!

Posted by Ann Westerheim on 2/3/14 5:12 PM

Don't let Cryptolocker in!Many viruses are embedded in email attachments designed to get through even multiple layers of security.  CryptoLocker is one of the worst viruses seen in years and it only takes ONE message to get through to cause a lot of damage, and the “bad guys” have developed sophisticated techniques to get around your antivirus protection. 

All users are advised to be extremely cautious when opening email attachments.  Typically, the incoming email is a "spoofed" email pretending to be from a reputable source such as UPS, Xerox, ADP, Verizon, Dun and Bradstreet and others.  The subjects of the emails are socially engineered to trick people into opening them.  Some the subjects include:

  • Scan from a Xerox WorkCentre
  • USPS - Missed package delivery
  • ACH Notification ("ADP Payroll")
  • Voice Message from Unknown Caller
  • Corporate eFax message from "random phone #" - 8 pages
  • Important - New Outlook Settings
  • Dun & Bradstreet Case Number

As you can see from these subjects, during a busy work day, it would be very easy to quickly open one of these emails and open the attachment.  You may think the email is for you (from your scanner, efax, or service provider), or perhaps a curious employee would be enticed to peek at a confidential file.  The problem is, by opening the email, even with Antivirus protection in place, you have effectively opened the door for the virus directly.  

When Cryptolocker is launched, your files will be encrypted (including files on mapped drives), and a while later after the damage is done, you'll see a pop up warning asking for a payment to restore your files.   We strongly advise against paying the ransom.   You would be giving money directly to criminals, and only encouraging them to do more damage.  Instead, we advise cleaning the system and restoring files from a good backup (make sure you have a solid backup!).  

Slow down, and carefully check out the emails before opening them.  For example, you may use an eFax service or scan with a Xerox scanner, but the subjects are usually a bit off if you look closely.  Also Microsoft never sends unsolicited mail.

Spam filtering,  antivirus protection, and perimeter security all help, but it only takes one message to get through and create a LOT of damage.  When you open the email attachment, it's effectively like letting the thief in the front door after the doorbell rings.

Please help spread the word to all users in your organization.  Education is the first line of defense for all security.

Tags: eMail, Security, cryptolocker, antivirus

What is my Wireless Security Key?

Posted by Ann Westerheim on 1/2/13 10:27 AM

Did Santa bring you a new Kindle Fire, iPad Mini, or Microsoft Surface for Christmas?  If so, probably one of the first things you wanted to do was connect to your home wireless network.  To connect, you'll be asked for a "key", which is a code that lets you in (and keeps others out).  The common dilemma is that users have set up a wireless network a LONG time ago, recorded the key, and stored it in a "safe place", only to be stumped when you look for it again.  The problem is that after you program the key into your laptop or other portable devices, your system "remembers" it, so you end up forgetting. 

Wireless Network IconDon't worry!  They key is easy to retrieve.  If you have a laptop connected to your wireless network, select the wireless icon in the lower right hand portion of the screen.  "Left click" on your mouse to view the wireless networks.  (Right-clicking allows you to "troubleshoot problems" and "Open Network and Sharing Center").  

Wireless Network PropertiesAfter you select the wireless networks icon, you'll see a list of all the wireless networks nearby, including the one you are connected to (in this case, the list is blanked out for privacy and only the first one is showing.)  "Right Click" on your network and select "Properties" to view the properties of your network, including the wireless key.


Wireless Key Show CharactersIn the "Properties" window, under the "Security" tab, you'll see the "Network Security Key" listed, with characters hidden.  To see the actual key, check the box to "show characters", and you'll have your key!

So if the encryption key that you wrote down two years ago is in a "safe place" somewhere, rest-assured you'll also find it stored electronically here.  No need to rummage through all your files!

Tags: Encryption, Security, Wireless Network, Key

February 7 is Safer Internet Day!

Posted by Ann Westerheim on 2/7/12 2:05 PM

Safer Internet Day 2012February 7 is Safer Internet Day, which is organized by Insafe each year to help promote safer and more responsible use of the Internet and mobile phones, especially among young people.  There are events all over the world today with this year's theme focused on "Connecting generations and educating each other".  This is a great idea because we can all help each other - tech savvy young people can teach their grandparents about how to get around on-line, and grandparents have the wisdom to help their grandchildren stay safe.

To learn more and get informed with some helpful statistics, visit the saferinternetday.org web site.  Did you know that 26% of children report having a public social networking profile and 36% of 9-16 year olds report that they definitely know more about the Internet than their parents?  48% of parents report that they get Internet safety information mostly from family and friends.  In the spirit of the day, talk to your family about Internet safety and help spread the word!  You can also help spread the word on Facebook and Twitter.

Tags: Security, Internet, Safer Internet Day

Protect Yourself from "Fake" Antivirus Software

Posted by Ann Westerheim on 1/24/12 9:07 AM

AVG System StatusOne of the best ways to protect yourself from the common "fake" anti-virus malware that's all over the place is to spend a few moments getting to know your "real" anti-virus software.

Each anti-virus vendor handles things a bit differently, but it's basically "theme and variations".  The screen shot to the right is what the AVG system status looks like.  When you click on the AVG icon in the system tray (lower right of your screen), you'll see this screen.  What you're looking for is a recent scan date, your last update (should be with in a few hours time window), and your license expiration date.  You're also looking for green check marks for all the protection levels:  Anti-Virus, Anti-Spyware, LinkScanner, Anti-Rootkit, e-Mail Scanner, License, Online Shield, Resident Shield, and the Update Manager.  The goal is to recognize your system status when things are going well, so when if you get the dreaded "fake anti-virus" malware, you'll know it's fake.

If you get hit with the fake antivirus malware, here's what will happen.  A pop-up will appear on your screen saying somthing like a threat was found and do you want to do a scan.  In scome cases the pop up will ask you to purchase an anti-virus license.  Don't do it! A good strategy is to remember your Windows shortcuts and use "ALT+F4" to close the window.  Sometimes the pop-up looks like a Windows screen, but its actually a web page, and the "x" that would normally close the window is actually a link to do more harm.  Use "ALT+F4" instead.

Spend a few moments today to look at what your anti-virus system status screen looks like, and you'll be better prepared for future "fake" threats.

Tags: Security, Fake Antivirus malware

Are "Default Passwords" our Defense Against Cyber-Terrorism?

Posted by Ann Westerheim on 11/23/11 9:07 AM

Cyber Terrorism - The next threat?In last night's Republican debate, one of the questions posed to the candidates was "What threat might we face in the next few years that no one is talking about today?".  The question was in the context of the 9/11 attacks shortly after George Bush became President, that defined his term in office.  One of the answers that caught my attention was cyber-terrorism.  Instead of a physical attack, our critical computer systems and networks could be attacked by hackers.  When you stop and think about how pervasive computing is in our modern lives, covering everything from banking to delivery of our utilities, it's scary to think of how vulerable we are.

In the Kaspersky Labs Threat Post yesterday, Paul Roberts posed a very scary question:  Was the three character password used to hack South Houston's Water Treatment Plant a Siemen Default?  Apparently the hacker describe an "easy-to-crack three character password" that provided access to the Siemans Simatic HMI (human machine interface) software that controlled the water treatment plant.  The description matches the default password that comes with the equipment, but the actual password hasn't been confirmed yet. 

Although the hacker says he didn't take any action when he gained access to the system, he could have shut out other users, taken control of the water treatment plant, and cause a lot of damage.  He used Internet scanning software to discover systems that were connected to the Internet, and then had a pretty easy time getting in.  He describes himself as merely a hobbyist, not a "real" hacker.

If default passwords are being used to protect our critical infrastructure, we're at risk!  This breach has gotten attention in the news, but who knows how many other similar systems are vulnerable like this.   The department of Homeland Security is working with Siemans to investigate the breach, but this is just the starting point.

ALWAYS use STRONG passwords to protect any applications you access over the Internet. Strong passwords should contain uppercase and lowercase letters, numbers, and symbols.  They should never be words in the dictionary, and ALWAYS change the default password!

Tags: passwords, Security, strong passwords, default passwords

Securing your Business is Easy as 1 2 3

Posted by Ann Westerheim on 11/22/11 9:20 AM

Security LockJust about every day we read about a new computer security breach in the news.  The big events draw a lot of attention and generate the headlines, but small business owners need to stay vigilant too!

It can be overwhelming to try to digest all the available information on computer security.  We like to think about it in three easy steps.

Step 1:  Secure your perimeter.  Think of this as having a wall around your business, a fence, or locked windows and doors.  Your firewall protects you from the Internet by creating a cyber barrier between you and the outside world.  If you picked up an inexpensive router at Staples a few years ago, you should strongly consider upgrading to a business class router.   We highly recommend Sonicwall products, but there are many great choices.  We're also recommending gateway security software to manage the traffic in and out of the network, above and beyond basic firewall protection.  Also, remember that your firewall needs regular firmware upgrades to stay up to date with respect to new threats.

Step 2:  Protect allsystems on your network with Anti-Virus and Anti-Spyware software. The important point is that EVERY system needs active protection (up to date license, dynamic updates multiple times a day).  Do you know that EVERY system is up to date?  Do you have a policy about bringing in systems from home (BYOD - Bring Your Own Device)?  What about guests?  If guests on your network are a factor for you, we strongly recommend installing a separate "sub-net" so that these guests can get Internet access (using your same Internet connection with no extra cost), but they won't be on your main network.  How do you know your guest has up-to-date virus protection?

Step 3:  Keep your applications and operating systems up to date with security patches.  Microsoft routinely releases free updates on "Patch Tuesday", the second Tuesday of the month. Many people are aware of these updates because they're in the news, and your Windows system will prompt you when updates are available.  What people often overlook is that Macs need updates too, and other applications such as Adobe Acrobat, Adobe Flash and Java are also vulnerable to security loopholes and also need to be regularly updated. (And don't forget your smart phone, but this is a whole new topic).

There is no such thing as 100% security.  Even if you do everything "right" there is still a chance that you could have a problem, such as a virus, but with focus on active protection, you greatly reduce your risk and potential for damage.

Remember that security is effectively a "cat and mouse" game.  Vulnerabilities are detected, hackers try to exploit the vulnerabilities, and the security firms try to stay a step ahead.  To protect your small business, remember your "123s":  1. Perimeter, 2. System, 3. Applications.

Tags: Security, Firewall, Virus, Spyware, Patches

Content Filtering - Get control over web usage in your business!

Posted by Ann Westerheim on 9/22/11 8:00 AM

Office ComputerOne of the questions we're hearing more and more from our small business clients is how to get control over out-of-control web usage in the office.  So much business is conducted on-line that employees need to be connected to the Internet, but in some cases, things can get out of control when some employees spend too much work time on personal web usage such as shopping, Facebook, or going to sites they're not supposed to.  If web usage can't be controlled through other management techniques, or if your business has compliance requirements, it's time to think about content filtering for your site.

In some cases the concern is illegal, inappropriate, or harmful web content, and in other cases it's a matter of employee performance, and limiting personal distractions.  Another big problem is that if too many users are accessing music or video sites, your network can slow down to a crawl.  If your business faces some or all of these problems, content filtering is the solution. 

How does it work?  With content filtering, web traffic can be managed by giving access to, or denying access to particular sites or categories of sites, with individual or group controls, and time of day control. We typically recommend SonicWall solutions, but the general way these solutions work is that a comprehensive database of millions of web sites is accessed to define usage policies.  Examples of categories you can block include:  pornography, drugs, criminal and illegal skills, gambling, hate sites, etc.. You can also block other specific sites that are productivity distractions.  When users try to access web sites, their access will be determined by the rules set up in the router.  This is a simple way to centrally manage web site usage in your business.

Typically some adjustments are required to make things run smoothly (we see a lot of cases where access to necessary sites are inadvertently blocked at first), but in general, implementing a technology solution makes things clear for employees, and centralized technology makes it easy to manage. We strongly recommend carefully thinking through your company policy ahead of time, so the technology fits your business environment.

Tags: Security, network security, Internet usage, company policy

Stay Safe on a Public Wi-Fi Network

Posted by Ann Westerheim on 6/10/11 11:16 AM

Wireless Access in Coffee Shop 200Free public Wi-Fi networks are popping up everywhere - at the airport, Starbucks, your local music school...  These networks are a big convenience, but you should be aware of your security settings so you don't put your computer and data at risk.  When you connect to a network, there may be a firewall protecting you from the outside world and everyone else on the Internet, but when you connect to a local network, you're basically putting your trust in that network and everyone else on it - not a good idea in public!  In addition to file sharing, many of these wireless hot spots are unencrypted to make it easy for people to connect, but this could leave you vulnerable to malicious users in the coffee shop who could monitor your keystrokes!

Windows 7 has a great feature that lets you select the type of network you're on (Home, Work, Public), and will impose the proper security settings for you.  When first connect to a network, your system will ask you what type of network it is.  If you're in a place where you don't recognize the other computers, you should specify "Public Network" for your network location.  This will automatically set the appropriate security settings.

To see what your current settings are and to change them, go to Control Panel, Network & Sharing Center.  For a Public Network, the icon is a Park Bench.  To see the individual settings, click on "Change Advanced Sharing Settings".

1)  Turn off Network Discovery - When Network Discovery is ON, your computer can see other computers and devices on the network and they can see you. 

2) Turn off File and Printer Sharing - When File and Printer Sharing is ON, files and printers you have shared on this computer can be access by other people on the network. 

3) Turn off Public Folder Sharing - When public Folder Sharing is ON, people on the network can access Public Folders.

4) Turn on Password Protected Sharing - if you are going to share files and folders, make sure Password Protected Sharing is ON so that only users with a user name and password for your system could access the files.

5) Additionally, Turn ON Windows Firewall.  Go to Control Panel, Windows Firewall and check that its ON.  The firewall helps prevent other systems on the network (all the people you don't know in the coffee shop) from potentially spreading malicious software or accessing your system.

When accessing web sites, look for SSL encryption to make sure your transmissions are protected.  Look for "HTTPS" in the web address. 

Unless you completely trust the owner of the network, and trust that they have secured their network equipment, keep in mind that entering personal information like banking accounts and credit card information can be compromised.  WEP and WPA encryption can be hacked, so you're not completely safe.

Finally, if you don't need to use the Internet the whole time your their, just shut off your laptop wireless.  Your system may have a physical switch, or you can simply hit the "Windows Key" + "X" to get a bunch of on/off switches.

Security is never 100%, but remembering to take proper precautions will greatly reduce your risk.  Consider what information is most important to you, and safeguard it in public.  I just asked my colleague if he would purchase something on-line with a credit card while on a Starbucks Wi-Fi, and his answer was "No Way!".  Take basic, proper precautions, and then use your judgment.

Tags: Encryption, Security, Wi-Fi, Wireless

Is your password 123456? Time to increase your security!

Posted by Ann Westerheim on 2/17/11 9:00 AM

Password KeyboardWell over a year ago there was a major security breach at a site called RockYou.com.   One of the interesting outcomes is that the breach offered the opportunity to analyze password behaviors since over 32 million passwords were revealed.

Here is the top 20 list and if you see any of your passwords on this list, its a good time to think about using stronger passwords!

  1. 123456
  2. 12345
  3. 123456789
  4. Password
  5. iloveyou
  6. princess
  7. rockyou
  8. 1234567
  9. 12345678
  10. abc123
  11. Nicole
  12. Daniel
  13. babygirl
  14. monkey
  15. Jessica
  16. Lovely
  17. michael
  18. Asley
  19. 654321
  20. Qwerty

Strong passwords should include uppercase and lowercase letters, numbers, and symbols.  Your computer security starts with the strength of your passwords, so don't use something that's easy to guess or easy to automatically generate (like a keyboard string or word in the dictionary).

Tags: Security, password, 123456, popular passwords

Subscribe by Email

Most Popular Posts

Browse by Tag

See all tags...

Connect With Us

Older Blog Posts

For older Ekaru blog posts, go to ekaru.blogspot.com.